CVE-2023-29492 — Novi Survey Novi Survey

Novi Survey Insecure Deserialization Vulnerability

Added to KEV

2023-04-13

Federal due date

2023-05-04

Vendor

Novi Survey

Product

Novi Survey

EPSS

95.4th percentile (score 0.183, as of 2026-06-08)

NVD CVSS v3.1

—

Ransomware use

Unknown

Upstream

https://nvd.nist.gov/vuln/detail/CVE-2023-29492

CISA short description

Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account.

Required action

Apply updates per vendor instructions.

EPSS percentile is the FIRST.org exploit-probability ranking as of the date noted above; it moves daily. CVSS reflects NVD's analysis at time of publication.